SHA1 broken?
Darren Chamberlain
dlc at sevenroot.org
Wed Feb 16 15:13:44 CET 2005
* Eric Anopolsky <erpo41 at hotpop.com> [2005/02/16 00:48]:
> http://it.slashdot.org/it/05/02/16/0146218.shtml?tid=93&tid=172&tid=218
>
> Does anyone know anything about this?
Bruce Schneier thinks it's probably be true
(<http://www.schneier.com/blog/archives/2005/02/sha1_broken.html>):
SHA-1 has been broken. Not a reduced-round version. Not a simplified
version. The real thing.
...
The paper isn't generally available yet. At this point I can't tell
if the attack is real, but the paper looks good and this is a
reputable research team.
So this would be when we start putting:
digest-algo RIPEMD160
in our gpg.conf, right?
(darren)
--
The tools we use have a profound (and devious!) influence on our
thinking habits, and, therefore, on our thinking abilities.
-- Edsger W. Dijkstra
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : /pipermail/attachments/20050216/61a2411d/attachment.pgp
More information about the Gnupg-users
mailing list